PSD2: The Disruption and Innovation of Open Banking

Tuesday 8 August 2017 | 10:39 AM
CET

Alisdair Faulkner, ThreatMetrix: Innovation, enhanced security and the drive for greater competition are the golden triptychs at the heart of PSD2

PSD2 is a game changer for digital payments and commerce in Europe and will have a significant global impact. It requires financial institutions to make changes to their platforms and systems, while making strategic decisions on how they want to play going forward. These changes will require significant investment as well as a strategic shift, as banks are forced to consider how they can safely open their banking platforms to external third parties. While this may negatively impact the revenue of large banks, it can also level the playing field for smaller fintechs, as well as provide opportunity for new product innovations.

Not only do banks and other PSPs need to work toward compliance, but they also need to define their strategy to position themselves competitively in the market. They will also need to align the somewhat competing demands of rapid innovation while maintaining vigilant security as the cybercrime war continues to rage.

Innovation and Disruption

Digital transactions have had a huge impact on the evolution of the fintech industry as niche products and services have emerged to fill the crevasses left by larger financial institutions. These include services for the unbanked and underbanked, instant insurance, crowdfunded loans and global online remittance. Fintech operators have been able to rapidly innovate for many reasons: a lack of legacy back end systems, lower regulations and less online scrutiny, for example. On the other hand, large financial institutions have unwittingly become the enablers with minimal benefit.

However, PSD2 and Open Banking regulations are set to create more opportunities as both financial institutions and new providers compete to drive smarter revenue from payments. With open banking, the financial institutions would be increasingly at risk of losing their direct relationship with the customer and becoming a back end utility. On the other hand, new providers could emerge, enabling customers to access their banking services from a common portal, without having to ever log into their bank. These portals may also enable the customer to get services à la carte from a menu of banks.

As such, businesses are contemplating the path forward as they wait for new payment platforms and ecosystems that lead to new business models to emerge. It will be critical for established providers to decide how to take advantage of the opportunity and not be left behind.

New Entrants, New Threats

Financial institutions are required to open their payment accounts for online access by third-party providers on behalf of their customers. Such third-party access via APIs exposes banks to increased risk of fraud and data breaches and will also bring about increased exposure to threats as banks connect to third-party applications and transfer data through open APIs.

These integrations will be prime targets for fraudsters looking to perform high velocity credential testing and immediately sell verified credentials on the dark web. As well as the risk to customer credentials, such attacks can wreak havoc for banks by crashing servers and causing considerable friction for legitimate customers. Moreover, protection of sensitive customer data and authorization of incoming transactions through the new channel are critical for banks and will drive investments in new technology.

How to succeed: solutions to navigate the future

The ThreatMetrix solution for Open Banking enables financial institutions to create APIs for third party providers while maintaining their existing authentication and customer validation processes. This will enable them to support innovation from internal initiatives and through external partners while prioritizing customer experience and lifetime value; underpinned by dynamic global shared intelligence from the world’s largest digital identity network.

While Digital Identity Intelligence empowers businesses to define patterns of trusted behavior that can be used to analyse the risk of future transactions, the ThreatMetrix Dynamic Decision Platform enables businesses to leverage shared intelligence from the Network to make real-time risk decisions. This enables a better balance between security and convenience across customer touch points. Apart from operationalizing dynamic crowd-sourced intelligence from the ThreatMetrix Digital Identity Network, businesses can use the decision platform to apply risk detection to new API and consumer consent flows.

The ThreatMetrix solution allows companies to evaluate real-time risk factors in the context of past user behaviors to make accurate risk decisions, and for businesses to accept, reject, or review (step up) a transaction as necessary. It also help financial institutions and payments providers alike to meet PSD2 and open banking requirements, and securely partner with new and emerging providers, through a comprehensive framework to manage risk in the quest for innovation and new opportunities.

ThreatMetrix Risk Management Framework

Source: ThreatMetrix

About Alisdair Faulkner

Alisdair Faulkner is a technology visionary, with two decades at the forefront of innovations in cybersecurity, machine learning and analytics. Since co-founding ThreatMetrix in 2005, he has been the driving force behind developing the world’s largest Digital Identity Network. He has pioneered and patented seminal technologies for Internet security. He is frequently cited by global press, including CNBC, Forbes, BBC News, and the South China Morning Post and his quarterly Cybercrime Report has garnered worldwide coverage for its data-driven insights on fraud, payments and cybercrime.

About ThreatMetrix

ThreatMetrix, The Digital Identity Company, operates a global shared intelligence network to differentiate trusted customers from fraudsters. The ThreatMetrix Digital Identity Network® recognizes behavior and identities across 4.5 billion unique devices from 1.4 billion anonymized users worldwide. More than 5,000 businesses rely on ThreatMetrix as their decision engine to deliver a frictionless digital customer experience across all online transactions, for increased profitability and security. ThreatMetrix is recognized as the Leader in the 2017 Forrester Wave for risk-based authentication.